1. Introduction

NFS is a UNIX protocol for large scale client/server file sharing. It is analogous to the server Message Block (SMB) and Common Internet File System (CIFS) protocols on Microsoft Windows. The Network File System Version 4 is a distributed filesystem protocol which owes heritage to NFSv2 and NFSv3. Unlike previous versions of NFS the present version(NFSv4) supports traditional file access while integrating support for file locking and mount protocol. There are many additional features with NFSv4 such as support for strong security, compound operations, client caching and internationalization.

NFSv4 is the successor of NFSv3. It has been designed to work on a LAN or over the Internet.

NFSv4 comes with several new features:

Advanced security management

Kerberos

SPKM

LIPKEY

Firewall friendly

Advanced and aggressive cache management

Non Unix compatibility (Windows)

Easy to administer (Replication, migration)

Crash recovery (Client and server sides)

NFSv4 uses 32 KBytes pages.

The NFSv3 and NFSv4 protocols are not compatible. A NFSv4 client cannot access a NFSv3
server, and vice versa. However, in order to simplify migrations from NFSv3 to NFSv4, both
NFSv3 and NFSv4 services are launched by the command: rpc.nfsd.

In the case of NFSv3 and NFSv4 clients simultaneously accessing the same server, one must be aware that two different file systems are used: there is no backward support to NFSv3 by the NFSv4 server.

In order to ensure a better reliability over the Internet, NFSv4 only uses TCP. To help NFS setup for internet use, one unique network port is used on NFSv4. This predetermined port is fixed. The default is port 2049.

2. Daemons for NFSv4:

client side

both sides

server side

user commands:

mountexportfs

user daemons:

portmapidmapd

nfsd

kernel parts:

NFSv4RPCXDRTCPIpv4

The following are the Daemons that should be running on a NFSv4 Server:

rpc.idmapd

rpc.nfsd 8

The following are the Daemons that should be running on a NFSv4 client:

rpc.idmapd

3. About NFSv4 Daemons

A NFSv4 client communicates with corresponding NFSv4 Server via Remote Procedure Calls (RPS's). The client sends a request and gets a reply from the server.

A NFSv4 server can only provide/export a single, hierarchical file system tree. If a server has to share more than one logical file system tree, the single trees are integrated in a new virtual root directory. This construction, called pseudo file system, is the one which is provided/exported to clients.

rpc.mountd — This process receives mount requests from NFS clients and verifies the requested file system is currently exported. This process is started automatically by the nfs service and does not require user configuration. This is not used with NFSv4.

rpc.idmapd — rpc.idmapd is the NFSv4 ID <-> name mapping daemon. It provides functionality to the NFSv4 kernel client and server, to which it communicates via upcalls, by translating user and group IDs to names, and vice versa.

rpc.svcgssd — This process provides the server transport mechanism for the authentication process (Kerberos Version 5) with NFSv4. This service is required for use with NFSv4.

rpc.gssd — This process provides the client transport mechanism for the authentication process (Kerberos Version 5) with NFSv4. This service is required for use with NFSv4.

To start the NFS server issue the command:

/etc/init.d/idmapd/etc/init.d/svcgssd start (only if kerberos support is enabled/required)
/etc/init.d/nfsserver start

On the NFS client type the following commands:

/etc/init.d/idmapd start/etc/init.d/gssd start (only if kerberos support is enabled/required)

To check the exported volume from the server type the following command:

showmount -e NFSserver name

4. NFS Server Configuration

This document explains how to configure and use NFSv4 on a SLES 10 box and covers the basic NFSv4 configuration and the automount facility using autofs. This setup is made on SUSE Linux 10.1.

To enable NFSv4 on the machine check: /etc/sysconfig/nfs

NFS_SUPPORT = "yes"

In /etc/exports make an entry of your exported path with the export options for eg:-

/etc/exports - contains a list of all directories that are to be exported via
NFS. The syntax is slightly different from NFSv3. Here is a sample entry:

Note:Single line entry for each security mode fsid - The value 0 has a special meaning when use with NFSv4. NFSv4 has a concept of a root of the overall exported filesystem (Pseudofilesystem). The export point exported with fsid=0 will be used as this root.

no_subtree_check - If a subdirectory of a filesystem is exported, but the whole filesystem isn't then whenever a NFS request arrives, the server must check not only that the accessed file is in the appropriate filesystem (which is easy) but also that it is in the exported tree (which is harder). This check is called the subtree_check. This option disables subtree_check.

Insecure - The insecure option in this entry also allows clients with NFS implementations that don't use a reserved port for NFS.

- /nfs *(rw,fsid=0,no_subtree_check,no_root_squash,sync)

exported paths export options for nfsv4

To export multiple volumes in NFSv4, follow the steps below:

If we want to export two directories say /NFS1 & /NFS2, then export the NFS1 as explained above. But for NFS2 we have to create a directory NFS2 in /NFS1.

mkdir /NFS1/NFS2

Bind the directory /NFS2 to /NFS1/NFS2 to do this execute the following command:mount ?bind /NFS2 /NFS1/NFS2

The NFS exported volume can also be mounted on the client just by making an entry in the /etc/fstab file. If your NFS server name is NFSserver and the mount point on the client is /mnt point then the entry in the fstab should look like something below.